<cfif not IsDefined("username")>
<cflocation url="/ecada/index.cfm">
</cfif>

<cfif #username# eq "">
<cflocation url="/ecada/index.cfm">
</cfif>

<cfquery name="details" datasource="exp">
    SELECT * 
    FROM user
    WHERE username=<cfqueryparam cfsqltype="cf_sql_varchar" value="#username#">
    AND password=<cfqueryparam cfsqltype="cf_sql_varchar" value="#thepassword#">
</cfquery>

<cfif #details.RecordCount# eq 0>
<cfset session.message="Sorry, wrong details, please try again">
<cflocation url="/ecada/index.cfm">
</cfif>

<cfset session.id=#details.id#>
#details.id#
<cfset session.name="#details.name#">
<cflocation url="/ecada/index.cfm">
